Open noobdummy opened 4 years ago
https://www.fail2ban.org
apt install fail2ban
fail2ban-client status
Status |- Number of jail: 1 `- Jail list: sshd
fail2ban-client status sshd
创建文件/etc/fail2ban/action.d/iptables-blocktype.local 内容为
[Init] blocktype = DROP
参考文件/etc/fail2ban/action.d/iptables-common.conf iptables-blocktype.local文件会在iptables-common.conf前解析
创建文件/etc/fail2ban/jail.d/sshd.conf 内容为
[sshd] enabled = true findtime = 120 maxretry = 3 bantime = 864000
systemctl restart fail2ban
cat /var/log/fail2ban.log 看到如下信息
: INFO Starting Fail2ban : INFO Creating new jail 'sshd' : INFO encoding: UTF-8 : INFO maxRetry: 3 : INFO findtime: 120 : INFO banTime: 864000 : INFO Jail 'sshd' started
网站
https://www.fail2ban.org
安装
apt install fail2ban
查看启用状态
fail2ban-client status
查看状态
fail2ban-client status sshd
修改iptables策略
创建文件/etc/fail2ban/action.d/iptables-blocktype.local 内容为
修改sshd策略
创建文件/etc/fail2ban/jail.d/sshd.conf 内容为
重启服务
systemctl restart fail2ban
查看日志
cat /var/log/fail2ban.log 看到如下信息